diff options
author | Wang Ming <machel@vivo.com> | 2023-07-17 17:59:19 +0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-07-27 08:50:45 +0200 |
commit | 205bad1b3042ecb142eb869aeb3f0968660a22d7 (patch) | |
tree | 26909fba2f381f0339d53092e393f3a480b387cb | |
parent | fac47182d3c2cd3c2153f6967e542bf23b090657 (diff) | |
download | linux-205bad1b3042ecb142eb869aeb3f0968660a22d7.tar.gz |
net: ipv4: Use kfree_sensitive instead of kfree
[ Upstream commit daa751444fd9d4184270b1479d8af49aaf1a1ee6 ] key might contain private part of the key, so better use kfree_sensitive to free it. Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP") Signed-off-by: Wang Ming <machel@vivo.com> Reviewed-by: Tariq Toukan <tariqt@nvidia.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r-- | net/ipv4/esp4.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 52c8047efedb..2d094d417eca 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -1132,7 +1132,7 @@ static int esp_init_authenc(struct xfrm_state *x, err = crypto_aead_setkey(aead, key, keylen); free_key: - kfree(key); + kfree_sensitive(key); error: return err; |